Broken ccache name when "GssapiDelegCcacheUnique Off" #115
Description
I was observing regular GSSAPI errors when using mod_auth_gssapi.
Apache log reported random strings after the ccache path name (in about 1 of 4 GSSAPI accesses).
Something like:
/tmp/\x7f
while most of the time it was using the correct:
/tmp/marcel@MYDOMAIN.DE
Further investigation shows, that the error seemed to occur only if
"GssapiDelegCcacheUnique Off"
is used (also seems to be default setting).
Looking into the code I found that different calls are used for different GssapiDelegCcacheUnique settings:
Off: apr_psprintf(req->pool, "%s/%s", dir, escaped);
On: apr_psprintf(mc->pool, "%s/%s", dir, escaped);
So I replaced "req" with "mc" (in the "use_unique == false" code tree) and things started to work.
I'm not familiar with apache module programming, so this might not be the right way to fix things.
My tests however look very promising after this change.
Here's the simple diff:
diff --git a/src/mod_auth_gssapi.c b/src/mod_auth_gssapi.c
index c3f258b..8a9ca7f 100644
--- a/src/mod_auth_gssapi.c
+++ b/src/mod_auth_gssapi.c
@@ -216,7 +216,7 @@ static char *get_ccache_name(request_rec *req, char *dir, const char *gss_name,
escaped = escape(req->pool, escaped, '/', "~");
if (use_unique == false) {
-
return apr_psprintf(req->pool, "%s/%s", dir, escaped);
-
return apr_psprintf(mc->pool, "%s/%s", dir, escaped);}
ccname = apr_psprintf(mc->pool, "%s/%s-XXXXXX", dir, escaped);